package com.wxc.config.shiro;

import com.wxc.contants.Constant;
import com.wxc.exception.BusinessException;
import com.wxc.service.RedisService;
import com.wxc.utils.token.JwtTokenUtil;
import com.wxc.vo.REnum;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

/**
 * @author wxc
 * @date 2021年10月24日 20:55
 * 自定义密码比较
 */
@Component
public class CustomCredentialsMatcher implements CredentialsMatcher {

    @Autowired
    private RedisService redisService;

    @Override
    public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
        String userId = JwtTokenUtil.getUserId((String) token.getCredentials());

        // 由于采用的是token认证 所以肯定返回true 只需要判断账号有没有被锁定删除即可
        // 已注销
        if (redisService.hasKey(Constant.DELETED_USER_KEY + userId))
            throw new BusinessException(REnum.ACCOUNT_CANCEL_ERROR);
        // 被锁定
        if (redisService.hasKey(Constant.ACCOUNT_LOCK_KEY + userId))
            throw new BusinessException(REnum.ACCOUNT_DISABLE_ERROR);
        return true;
    }
}
